[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Avoid not authenticated forged mail

On 22/12/09 16:14, Thomas Goirand wrote:
Yves Junqueira wrote:
2009/12/22 Carlos Acedo<carlos@pangea.org>

Once in a while I receive spam "from my own" mail address, many users send mails to themselfs, so what I would like is to allow only authenticated mail to be able to send mails to themselfs. Is that possible?
Yes. You probably need a mix of strict SPF records in your domain,
employ SPF checking in your MTA and accept authenticated only SMTP

This has the positive side effect of other mail systems being able to
use these SPF records to check if they people are pretending to be

When using SPF, it's also a good idea to use DKIM too.
I do agree that DKIM would solve this issue nicely. Since we implemented
it, this kind of issue are gone. If I may suggest you, you can use
dkimproxy 1.2 that I maintain and that has just been uploaded to SID (it
also works for Lenny out of the box without the need to backport as its
arch indep.).


Thank you for your replies, I was considering DKIM, but I was afraid of the overhead, but I think it's worth after all. I will also take a look to the SPF records as well.



Reply to: